A vulnerability was found in picklescan up to 0.0.33. It has been rated as critical. This affects the function _operator.methodcaller. Performing a manipulation results in deserialization.

This vulnerability is reported as CVE-2025-71375. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.